311864 matches found
Malicious code in ts-bign (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4a068fd0715cfd570ef64c7f6d249383560483880d19fb75a94ac4997a742c70 The package ts-bign was found to contain malicious code. Source: ghsa-malware 6e364f088c15924f92d8290e79ca278120b3d8778345dcad0aad75e821d352e0 Any...
MAL-2026-2188 Malicious code in levex-refa (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ba11828b57921035328d22b68ebf7ecb28dde3cedc4b58f874cf39c14583c5e0 The package levex-refa was found to contain malicious code. Source: ghsa-malware 5ce255ba60f9db881f821e9c9268a5c70e002212b5b0df88b274878592d4696d Any...
Malicious code in simple-util-kit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c4e97df136a9f8721793e4556b53f908cb10a6df1b2febf5edd3d9d8ef7ab2c7 The package simple-util-kit was found to contain malicious code. Source: ghsa-malware ade2d906419f8d8a97dff43ed8530e27612faa88503c6696838b30f201d5e6c...
MAL-2026-2189 Malicious code in simple-util-kit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c4e97df136a9f8721793e4556b53f908cb10a6df1b2febf5edd3d9d8ef7ab2c7 The package simple-util-kit was found to contain malicious code. Source: ghsa-malware ade2d906419f8d8a97dff43ed8530e27612faa88503c6696838b30f201d5e6c...
Improper Handling Of Symbolic Links
github.com/argoproj/argo-workflows is vulnerable to Improper Handling Of Symbolic Links. The vulnerability is due to flawed validation in the untar process when resolving symbolic links, which allows an attacker to overwrite critical files such as /var/run/argo/argoexec with a malicious script th...
Malicious code in vision-service-python-client-internal (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ea39ef97e61556ba1ef289f438f9401ced47328bd49f096401ed4795792c8f7a Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in yeshsurya (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 94ee8d39c76b11ebb68503181be81cfc3154ef7c1b758a9b139d77f3791c3356 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in sonic-platform-common (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 0b7ad70e46087b1ffe41c3d0670c24c58b38e72344c958458af49a25541778b4 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in batch-shipyard (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 83ca35f9b1e5fc77913037dde16ad175609dddc219e613c9dae7f752b112568f Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in lm-sys (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 69240e51e47ad6f05a6d2e98047b80c3beb9f2e05d1449b50606c812b9eb1c1e Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-2167 Malicious code in @shennmine/libsignal-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 04f4d27219071c7adbcedd56c54f0ca559b3d3651e6203b38d5170bb0e239f66 The package @shennmine/libsignal-node was found to contain malicious code. Source: ghsa-malware...
Malicious code in @shennmine/baileys (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 117bf59d9266fc8bf77b63821d64778d3d9c7c57cd93c2c95a8b1718e879f14c The package @shennmine/baileys was found to contain malicious code. Source: ghsa-malware...
Malicious code in @shennmine/libsignal-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 04f4d27219071c7adbcedd56c54f0ca559b3d3651e6203b38d5170bb0e239f66 The package @shennmine/libsignal-node was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2166 Malicious code in @shennmine/baileys (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 117bf59d9266fc8bf77b63821d64778d3d9c7c57cd93c2c95a8b1718e879f14c The package @shennmine/baileys was found to contain malicious code. Source: ghsa-malware...
Malicious code in allergan (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b647cee7f2efba83a3acb7f2a6216150570618d386d85a162caf08b4fabaeb1d The package allergan was found to contain malicious code. Source: ghsa-malware 39db4e96e2f99167f5914eb406fd2fe8d3adab2598b4872dbe5f0e228cad37e7 Any...
Malicious code in console-loggers (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a453dd193f8ddd250ba6ade5c711f845eced766f664cb75f7969f064a94b86f The package console-loggers was found to contain malicious code. Source: ghsa-malware 4172c3551666d2ed6e2691429d3929465e9f862f0967ff39fcad41faf23fb20...
MAL-2026-2169 Malicious code in console-loggers (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a453dd193f8ddd250ba6ade5c711f845eced766f664cb75f7969f064a94b86f The package console-loggers was found to contain malicious code. Source: ghsa-malware 4172c3551666d2ed6e2691429d3929465e9f862f0967ff39fcad41faf23fb20...
Malicious code in chai-patch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b7a1b00f9cf8ff93aebfbb318e0f4da8d56a985a1eca3c305142e708dc6fc55 The package chai-patch was found to contain malicious code. Source: ghsa-malware a5b659f5744d677c50cb63bc98f750071b3db390e25b81a553debdff48ffac6a Any...
MAL-2026-2168 Malicious code in chai-patch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b7a1b00f9cf8ff93aebfbb318e0f4da8d56a985a1eca3c305142e708dc6fc55 The package chai-patch was found to contain malicious code. Source: ghsa-malware a5b659f5744d677c50cb63bc98f750071b3db390e25b81a553debdff48ffac6a Any...
Malicious code in @rexxtheproject/elaina-baileys (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 35f9ef0d26d553f66ecfe3fb2813906a4a457ec3918fb5c0508441f3e13d3fa4 The package @rexxtheproject/elaina-baileys was found to contain malicious code. Source: ghsa-malware...